Hello.
I’ve been using vyatta 6.6 and vyos 1.0.4 for simple things such as DHCP, NAT, Port forwarding, etc.
But now I need to configure a VPN. I’ve done that using PPTP and it was quite simple. No problems with NAT unlike when I follow the instructions to set up a L2TP over IPSec VPN.
In this scenario, I found that windows by default doesn’t allow clients behind NAT to connect, but by creating a registry key named “AssumeUDPEncapsulationContextOnSendRule” in HKLM\system\currentcontrolset\services\policyagent, it should work, but I was not able to connect either with windows or even a very old OS X 10.4. If I don’t use NAT, I can connect both in windows and OS X.
My setup
Vyos 1.0.4
Enable NAT-Traversal
interface eth0 (3 IP addresses)
interface eth1 (1 address; 2 vif for 2 VLANS - one of them the target of my intended VPN)
I’ve even disabled the firewall TO-Router just for testing purposes and it’s not the issue here. Anyway
Firewall To-Router open
UDP 1701
UDP 500
IPSec NAT-T UDP 4500
protocols ESP and GRE
I’ve also enable TCP besides UDP…just to be sure…
I’ve followed the instructions by a Vyatta official manual, still, I can’t get it to work.
Two questions:
Any idea of what the problem is? Should I use openvpn instead? If so, why?
Looking forward for some replies.
Thanks!